How do I stay internet safe when travelling?

This is the most REALISTIC post in the entire thread.

westernrvparkowner wrote:
YES, someone who actually understands the difference between theoretical threats and actual threats.
No one is outside the Burger King in Pratt, Kansas sifting through millions of peoples photos of their grandkids looking for account numbers and passwords to bank accounts that might contain a few hundred or thousands of dollars.
Even if the theoretical worst happens and your account is drained, the bank is going to refund your money because your money is safe from theft when it is in an FDIC insured bank. No different than if someone stole a check from your checkbook and cashed it at the Kwiki Mart. It might be a hassle and take some paperwork, but your money is safe.
Now if you have 7 Billion in a numbered account in the Cayman Islands that is a branch of the Bank of Zimbabwe and your account is hacked while you are trying to make a transfer to avoid having your account disclosed in the Panama Papers scandal and the money ends up in an account in North Korea, all bets are off.

And just because I didn't get in an accident today doesn't mean I won't get in one tomorrow and be killed. Yep, sure could happen, but the odds are against it. And the same is true with your scenario. It just boils down to your own personal amount of risk factor.

If a person was really, actively worried about internet security he would never do any "secure" online activity. Most of the huge numbers of passwords and login ID's have been stolen from the places that store them, supposedly securely. Same is true of CC info.

Gdetrailer wrote:

rwbradley wrote:
Unfortunately there are a lot of opinions on this topic and not a lot of expert advice. As a Certified Information Systems Security Professional (CISSP) and a Certified Ethical Hacker (CEH), I can say, the best advice posted so far is buy a MIFI hotspot and do not use public WIFI for anything sensitive like banking.
Unfortunately where opinion seems to get in the way of reality is regarding advice on WHEN public WIFI can be safe. Public WIFI can NEVER be trusted to do sensitive things like banking. The problem with public WIFI is that you can never be sure that the Starbucks WIFI that your phone sees is truly put up by Starbucks even when you are parked outside Starbucks. I can easily create a WIFI network called Starbucks and then I can watch every packet of data pass thru my "fake" Starbucks network on its way to the bank. HTTPS will not even protect you as it is easy to generate a fake Certificate and most users do not realize that a certificate does two things, one is to encrypt the data and the other is to prove the owner. Most users would never know that they are getting a fake certificate from a fake Starbucks network and that their data is being decrypted, thus being able to steal their password and then re-encrypting it and forwarding it on to the proper destination (your bank).
Yes it is unlikely to happen to you, but it is easy to do, high school kid easy. Do you want to risk someone getting your banking information or other sensitive info and putting a mortgage on your home and then transferring the money to the Grand Caymans? Don't ever risk using public WIFI for anything sensitive without using a VPN to secure your traffic, it is just not worth the risk to be "that guy" who got hacked.
I did a write up on my blog on Internet Safety while RVing. Part 3 addresses WIFI security and Part 4 addresses VPN's.
Link

Post some real life PROOF of REAL folks who have been CERTIFIED BY A THIRD PARTY that they got hacked by using a public wifi..

Many people YACK that it is not safe, but yet they (and you) offer no real life CERTIFIED EXAMPLES as proof.

Is it possible? Sure, but in real life, since you are an "expert" on the subject you should be able to offer real examples and even numbers on how many have been hacked..

I would bet, that if you could even offer proof, most of those folks would have already been hacked via Malware BEFORE hopping on a free wifi..

OK I will take the troll bait.
Normally if you go to your Doctor and he tells you that you have cancer, you assume that he is the expert and take his expert opinion in making future decisions, you may ask for a second opinion to be sure. In the legal world people bring experts to court, not so they can teach the judge and jury how to be an expert in their field or to bore them with case studies to prove the causal link of something, the expert simply proves they are an expert in the field and the court will take their testimony as expert fact.
For this reason if you would like to contact a Mod and ask them to PM me I would be glad to provide (privately) proof of my (I guess it was your comment) "expertise". I would also gladly accept any expert opinion you can bring forth to refute anything I have said.
However just as your Doctor or Lawyer would laugh you out of their office if you asked for certified proof, I am bound by both moral and professional obligations along with privacy laws that do not allow to discuss any examples I may or may not be aware of or involved in.
I am however not interested in trying to change any opinion, we are all entitled to our opinion, but as the OP asked for advice, this is mine.
I suggest if anyone wants to learn more of the risks of public WIFI, I would open up google and search "man in the middle attack" you will find more than enough proof. With that said, the best way to be safe on the internet is to not be the low hanging fruit, the low hanging fruit always get picked first. Just because you don't think you have been hacked today does not mean you have not been hacked thru your healthcare insurance provider, Home Depot, Target, LinkedIn, Evernote etc... It also does not mean you will not be hacked later. Why hope for the best when a little amount of protection can go a long way to helping prevent it one day?
Public WIFI is the low hanging fruit, and if you think RV'rs are safe, think about this for a moment... In Florida, Arizona, and Texas in the winter, RV parks are filled with hundreds of thousands of retired, possibly less tech savvy home owners with their mortgage paid off all crammed together in small RV parks not much bigger than a Walmart parking lot. In each park that is hundreds or thousands of middle class computer users in easy range of a single hacker, that is what I call low hanging fruit. The banks may be somewhat safe as they have a team of IT security people, but an RV park in the south in winter would be the first place I would go as opposed to a Starbucks or McDonalds to harvest huge amounts of credentials from lots of people who have enough money to have paid off their house, have credit cards and lines of credit, and own several iPhones, iPads and Laptops and use them regularly on public WIFI to do their banking, Facebook etc all with the same password, so all I need to do is get their password off of one less secure site to get access to everything, all because they think they will never get hacked in an RV park!

doxiemom11 wrote:
https gives you a secure encrypted connection and every bank, credit card etc does provide those secure connections. It has nothing to do with how you connect to the internet. Once you are done with your business, close your browser before continuing on to other sites.

ssl (https) is not a panacea for internet security.

suggested study subject: man in the middle (exploit | attack | vulnerability)

https gives you a secure encrypted connection and every bank, credit card etc does provide those secure connections. It has nothing to do with how you connect to the internet. Once you are done with your business, close your browser before continuing on to other sites.

Don't forget they can wiretap a phone. I'm thinking smoke signals and a heliograph. :)

Better to just stay away from the internet. Maybe the medical profession has it right.. let's go back to telephone and paper.

The online operation might be secure BUT what about the system on the other end that stores the data? How is the data stored? How secure is the server? Who has access to the stored data?

Even our federal tax authorities have issues with keeping data secure.
http://www.usatoday.com/cyber-hack-gained-access-more-than-700000-irs-accounts

Home Depot had all credit card numbers stolen and people advised to cancel their cards.

Wal-Mart online photo service also had credit card numbers stolen from its system and people were advised to cancel their cards.

AllegroD wrote:
There is a difference in whether the threat exists,likelihood and minimizing the threat.
Threat exists.

No doubt the threat exists. But let's face it, you're much more likely to get killed driving the highway than to have your bank account hacked while you're logging in. Both can happen, but you don't stay home and not drive.

I use a cell hotspot simply because I have it on my phone. When in libraries, Starbucks, Micky D's or wherever just ask them the name of their free wifi but remember that if it is not encrypted your non-httpS code is open to people listening.

Credentials? I don't have multiple certifications but I do write financial software that moves trillions of $$$ a day over the SWIFT network... and I haven't been sleeping too well these past few weeks!

Dave